View Issue Details

IDProjectCategoryView StatusLast Update
0001586Anope Development (1.9.x series)Otherpublic2014-05-01 23:39
ReporterObiWan Assigned ToAdam  
Status resolvedResolutionfixed 
Summary0001586: m_ldap_authentication - Password not stored correctly in directory
DescriptionWhen using the m_ldap_authentication and allowing registration via this module the password doesn't seem to be stored correctly inside the directory.

Afaik na->nc->pass contains the already encrypted password. When storing it into the directory it is necessary to tell it which hashing has been used otherwise the directory server uses his default encryption.

In addition to this you can't just store any md5 hash into the directory. You have to encode it base64 and pack it with H*. (At least in PHP). Here is an example from PHP:

$LDAPPassword = '{md5}' . base64_encode(pack('H*', md5($Password)));

Currently if I register an account with nickserv I won't be able to authenticate against it using the information stored on the directory server.
TagsNo tags attached.



2014-05-01 23:39

administrator   ~0006636



2014-04-27 14:16

reporter   ~0006634

Works. Thanks very much :)


2014-04-27 14:03

reporter   ~0006633

Yes. LDAP an take an unencrypted password and encrypt it by its self.

I'll try the patch today.


2014-04-26 23:06

administrator   ~0006628



2014-04-26 22:59

administrator   ~0006627

I can make this send the password to LDAP unencrypted. Can LDAP take that and then encrypt it?

Issue History

Date Modified Username Field Change
2014-04-20 14:31 ObiWan New Issue
2014-04-26 22:59 Adam Note Added: 0006627
2014-04-26 23:06 Adam Note Added: 0006628
2014-04-27 14:03 ObiWan Note Added: 0006633
2014-04-27 14:16 ObiWan Note Added: 0006634
2014-05-01 23:39 Adam Note Added: 0006636
2014-05-01 23:39 Adam Status new => resolved
2014-05-01 23:39 Adam Resolution open => fixed
2014-05-01 23:39 Adam Assigned To => Adam